aboutsummaryrefslogtreecommitdiff
path: root/Jellyfin.Api/WebSocketListeners
diff options
context:
space:
mode:
Diffstat (limited to 'Jellyfin.Api/WebSocketListeners')
-rw-r--r--Jellyfin.Api/WebSocketListeners/ActivityLogWebSocketListener.cs5
-rw-r--r--Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs5
2 files changed, 6 insertions, 4 deletions
diff --git a/Jellyfin.Api/WebSocketListeners/ActivityLogWebSocketListener.cs b/Jellyfin.Api/WebSocketListeners/ActivityLogWebSocketListener.cs
index 2ce1e76de..e2e7b0cb5 100644
--- a/Jellyfin.Api/WebSocketListeners/ActivityLogWebSocketListener.cs
+++ b/Jellyfin.Api/WebSocketListeners/ActivityLogWebSocketListener.cs
@@ -71,8 +71,9 @@ public class ActivityLogWebSocketListener : BasePeriodicWebSocketListener<Activi
/// <param name="message">The message.</param>
protected override void Start(WebSocketMessageInfo message)
{
- if (message.Connection.AuthorizationInfo.User is null
- || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator))
+ if (!message.Connection.AuthorizationInfo.IsApiKey
+ && (message.Connection.AuthorizationInfo.User is null
+ || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator)))
{
throw new AuthenticationException("Only admin users can retrieve the activity log.");
}
diff --git a/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs b/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs
index a793c2f39..cc0792477 100644
--- a/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs
+++ b/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs
@@ -80,8 +80,9 @@ public class SessionInfoWebSocketListener : BasePeriodicWebSocketListener<IEnume
/// <param name="message">The message.</param>
protected override void Start(WebSocketMessageInfo message)
{
- if (message.Connection.AuthorizationInfo.User is null
- || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator))
+ if (!message.Connection.AuthorizationInfo.IsApiKey
+ && (message.Connection.AuthorizationInfo.User is null
+ || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator)))
{
throw new AuthenticationException("Only admin users can subscribe to session information.");
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-07 13:36:33 +0000